Crypto Briefing

Utexo and x402 enable USDT payments for the agent economy with near-instant settlement

Utexo, the Bitcoin-native execution and settlement layer for stablecoin payments, today announced a collaboration with x402 ...

A Claude code plugin in an afternoon: What I learned

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.
Security Boulevard

Exposed LLM Infrastructure: How Attackers Find and Exploit Misconfigured AI Deployments

Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...

Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
GamingOnLinux

Luanti (formerly Minetest) v5.15.2 brings critical security updates

Luanti (formerly Minetest) is the popular free and open source voxel game engine powering some really fun experiences and a ...
Infosecurity Magazine

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
The Hacker News

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

According to Cisco Talos, it's these URL-exposed webhooks – which make use of the same *.app.n8n [.]cloud subdomain – that ...
InfoWorld

HTMX 4.0: Hypermedia finds a new gear

The ingenious engine of web dev simplicity goes all-in with the Fetch API, native streaming, Idiomorph DOM merging, and more.
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...